Re: Problem with Kerbereox/ldapux/sshd vs. Active Directory

Until someone comes along that knows more, I'll take a stab :)

1. Did I understand correctly that you have several systems running the same configuration, but only one giving you trouble? If so please review what changes happened to the server within the last 7 days prior to the problem starting.

2. Whether or not you can identify any changes, you need to begin the debugging process, which anyone with any long-term support experience will tell you is the same regardless of platform. It's a process of elimination. Start with verifying the various stages of the process. Keep ruling out things that are associated with functioning portions of this until you're left looking at that which doesn't funciton. Break down larger processes into their component steps and make sure you understand every one and that it's all working, for somewhere along the line, you'll find your problem.3. Comparison - not knowing 'ldapux', I can't be specific, but review any configs, files, directories associated with this product and compare them to working versions on the servers without issues.

Re: Problem with Kerbereox/ldapux/sshd vs. Active Directory

Hi Guys!

I finally got it to work - it was ALL me apparently, sorry guys :-( - it looks like a letter in the principal-name was uppercase in the keytab, but for some reason not on the KDC. This make the unknown error 255 apparently. Anyway, another thing that puzzles me, is that while testing, I tried to remove the keytab-file entirely - which make login using AD-accounts work. I didn't know that was possible? It just told me, as the keytab file was missing, it was assuming success.

Re: Problem with Kerbereox/ldapux/sshd vs. Active Directory

Hi,

Its one more question to you--we want use ads only for storing user and group attributes and to centralised athorizing users for unix servers.For this is it necessary to configure cifs and kerbrose auth for this??.